This topic describes the resource quotas, limits, and quota management methods for Application Load Balancer (ALB).
Limits
These are hard limits that cannot be increased.
Listener Limits
Resource | Feature version | Default Limit |
Maximum number of access control policy groups that can be associated with a listener | Basic/Standard/WAF-enabled | 3 |
Maximum number of access control entries that can be associated with a listener | Basic | 300 |
Standard/WAF-enabled | 500 |
Forwarding Rule Limits
Resource | Feature version | Default Limit |
Maximum number of actions that can be added to a forwarding rule | Basic | 3 |
Standard/WAF-enabled | 5 | |
Maximum number of match conditions that can be added to a forwarding rule | Basic | 5 |
Standard/WAF-enabled | 10 | |
Maximum number of wildcard entries that can be added to a forwarding rule | Basic | 5 |
Standard/WAF-enabled | 10 |
Server Group Limits
Resource | Feature Version | Default Limit |
Maximum number of backend servers (IP addresses and ports) that can be added to a server group | Basic/Standard/WAF-enabled | 1,000 |
Access Control and Security Policy Limits
Resource | Edition | Default Limit |
Maximum number of listeners that can be associated with an access control policy group | Basic/Standard/WAF-enabled | 50 |
Maximum number of entries that can be added to an access control policy group | Basic/Standard/WAF-enabled | 500 |
Maximum number of listeners that can be associated with a custom security policy | Basic/Standard/WAF-enabled | 10 |
Maximum number of access control entries that can be associated with an ALB instance | Basic/Standard/WAF-enabled | 800 |
Region Limits
Resource | Edition | Default Limit |
Maximum number of custom security policies supported in a region | Basic/Standard/WAF-enabled | 50 |
Maximum number of health check templates supported in a region | Basic/Standard/WAF-enabled | 50 |
Maximum number of access control policy groups supported in a region | Basic/Standard/WAF-enabled | 1,000 |
Maximum number of server groups supported in a region | Basic/Standard/WAF-enabled | 3,000 |
Other limitations
The following limitations apply only to upgraded ALB instances. ALB instances that have not been upgraded are not affected.
In each zone of an ALB instance, the instance supports up to 250,000 concurrent connections to each backend server. If the number of concurrent connections exceeds this limit, new connections fail due to port exhaustion.
To ensure this elastic capability, we recommend that you perform the following operations:
Reserve at least 8 IP addresses in each vSwitch where the ALB instance is deployed, and pre-authorize these vSwitch CIDR blocks.
Reserve enough quota for ALB managed security group rules in the security group rule quota for an ECS instance or Elastic Network Interface (ENI).
The ALB-managed security group automatically adds rules with a priority of 1 to allow traffic from local IP addresses. The number of security group rules associated with an ALB instance must meet the following requirement:
Number of ALB-managed security group rules + Number of custom security group rules associated with the ALB ≤ Security group rule quota for the ECS instance (or ENI). For more information, see ALB security group limits.
To prevent the number of concurrent connections from exceeding the limit, you can add more servers or IP addresses to the server group. This distributes connection requests across multiple backend servers or IP addresses and reduces the load on a single server or IP address.
General Quotas
If a resource is associated with multiple objects, the resource is counted against the quota of each object. For example, if the same backend server is associated with multiple listeners and forwarding rules under the same ALB instance, the backend server is counted multiple times when the quota usage for Maximum number of backend servers that can be added to an ALB instance is calculated.
The default quota values in this topic are for reference only. The actual values in the console prevail.
Instance Quotas
Quota Name | Description | Default Value | Maximum Increase | Can Be Applied For |
alb_quota_loadbalancers_num | Maximum number of ALB instances supported in each region under an Alibaba Cloud account | 60 | 150 |
Basic EditionALB Instance Quotas
Quota Name | Description | Default Value | Maximum Increase | Can Be Applied For |
alb_quota_loadbalancer_certificates_num_basic_edition | Maximum number of additional certificates that can be added to an ALB instance (excluding default certificates) | 10 | 150 | |
alb_quota_loadbalancer_rules_num_basic_edition | Maximum number of forwarding rules that can be added to an ALB instance (excluding default rules) | 40 | 100 | |
alb_quota_loadbalancer_servers_num_basic_edition | Maximum number of backend servers that can be added to an ALB instance | 200 | 400 | |
alb_quota_loadbalancer_listeners_num_basic_edition | Maximum number of listeners that can be added to an ALB instance | 50 | 80 |
Standard EditionALB Instance Quotas
Quota Name | Description | Default Value | Maximum Increase | Can Be Applied For |
alb_quota_loadbalancer_certificates_num_standard_edition | Maximum number of additional certificates that can be added to an ALB instance (excluding default certificates) | 25 | 300 | |
alb_quota_loadbalancer_rules_num_standard_edition | Maximum number of forwarding rules that can be added to an ALB instance (excluding default rules) | 100 | 200 | |
alb_quota_loadbalancer_servers_num_standard_edition | Maximum number of backend servers that can be added to an ALB instance | 1,000 | 1,500 | |
alb_quota_loadbalancer_listeners_num_standard_edition | Maximum number of listeners that can be added to an ALB instance | 50 | 100 |
WAF-enabledALB Instance Quotas
Quota Name | Description | Default Value | Maximum Increase | Can Be Applied For |
alb_quota_loadbalancer_certificates_num_standardwithwaf_edition | Maximum number of additional certificates that can be added to an ALB instance (excluding default certificates) | 25 | 300 | |
alb_quota_loadbalancer_rules_num_standardwithwaf_edition | Maximum number of forwarding rules that can be added to an ALB instance (excluding default rules) | 100 | 200 | |
alb_quota_loadbalancer_servers_num_standardwithwaf_edition | Maximum number of backend servers that can be added to an ALB instance | 1,000 | 1,500 | |
alb_quota_loadbalancer_listeners_num_standardwithwaf_edition | Maximum number of listeners that can be added to an ALB instance | 50 | 100 |
Listener Quotas
Quota Name | Description | Default Value | Maximum limit increased to | Can Be Applied For |
alb_quota_max_request_timeout | Maximum connection request timeout when creating a listener | 600 seconds | 3600 seconds | |
alb_quota_max_idle_timeout | Maximum idle connection timeout when creating a listener | 600 seconds | 3600 seconds |
For instances that are upgraded as described in the Application Load Balancer (ALB) Instance Upgrade Announcement, you can increase thealb_quota_max_request_timeoutandalb_quota_max_idle_timeoutquotas to a maximum of 3,600 seconds. For instances that have not been upgraded, the maximum value is 900 seconds.
Server Group Quotas
Quota Name | Description | Default Value | Maximum Increase | Can Be Applied For |
alb_quota_server_added_num | Maximum number of times a backend server (IP address) can be added to an ALB backend server group | 200 times | 300 | |
alb_quota_servergroup_attached_num | Maximum number of times a server group can be associated with ALB listeners and forwarding rules | 50 times | 100 times | |
alb_quota_server_groups_weight | Maximum weight that can be configured for a single server group when forwarding rules forward traffic to it | 100 | 10,000 | Contact your account manager |
Resource Reservation Quotas
Quota Name | Description | Default Value | Maximum supported value increased to | Can Be Applied For |
alb_quota_reserved_capacity_units_per_loadbalancer | Maximum resource reservation LCU capacity configurable for each ALB instance | 5,000 | - | Contact your account manager |
alb_quota_reserved_capacity_units_per_region | Maximum LCU capacity that can be reserved per region | 20,000 | - | Contact your account manager |
API Rate Limits
You can view the API rate limits for ALB API operations in the Quota Center.
Privilege Quotas
Privilege quota items have a default value of 0, which means the feature is unavailable by default. To use these features, you must obtain authorization from Alibaba Cloud.
Quota ID | Description | Application Portal |
slb_user_visible_gray_label/ip_target_cidr_not_limited | IP-type server groups without CIDR block restrictions | |
slb_user_visible_gray_label/alb_extensible_edition | ALB Extension Edition | |
slb_user_visible_gray_label/alb_resource_reservation | ALB Resource Reservation | |
slb_user_visible_gray_label/support_sm_certificate | ALB support for SM certificates |
Manage Quotas
You can manage ALB quotas using one of the following methods:
Quota Center: Use this method to manage quotas for multiple Alibaba Cloud services in a centralized manner.
Server Load Balancer console quota management page: Use this method to manage only ALB quotas.
View Quotas
Quota Center
Log on to the Quota Center console. In the navigation pane on the left, click Product List. Then, select the quota type, such as General Quotas, API Rate Limits, or Privilege Quotas.
On the Product List page, click Application Load Balancer ALB in the Network section to view the quota information.
Server Load Balancer Console
Log on to the quota management page of the Server Load Balancer console and set the Product parameter to Application Load Balancer ALB.
Select the quota type, such as General Quotas, API Rate Limits, or Privilege Quotas, to view the corresponding quota information.
Increase Quotas
Quota Center
Log on to the Quota Center console. In the navigation pane on the left, click Product List. Select the quota type, such as General Quotas or Privilege Quotas. Then, click Application Load Balancer ALB in the Network section.
Find the target quota. In the Actions column, click Apply.
In the dialog box that appears, enter the required information and click Confirm Adjustment.
Quota increase requests are reviewed by the technical support team of the corresponding cloud product. We recommend that you specify a reasonable value and provide a detailed reason for your request. You will be notified of the approval result by text message and email.
Server Load Balancer Console
Log on to the quota management page of the Server Load Balancer console and set the Product parameter to Application Load Balancer ALB.
Select the quota type, such as General Quotas or Privilege Quotas. Find the target quota. In the Actions column, click Apply.
In the dialog box that appears, enter the required information and click Confirm Adjustment.
Quota increase requests are reviewed by the technical support team of the corresponding cloud product. We recommend that you specify a reasonable value and provide a detailed reason for your request. You will be notified of the approval result by text message and email.
Create a quota alert
You can create alerts for some general quota items of Application Load Balancer (ALB). When your quota usage reaches a preset threshold, the system sends an alert notification. This helps you request a quota increase promptly.
Quota Center
Log on to the Quota Center console. In the navigation pane on the left, click Product List, select General quotas, and click Application Load Balancer ALB in the Networking section.
Find the target quota item and click Create Alert in the Actions column.
On the Create Alert Rule page, configure the parameters for the quota alert, and then click Confirm. For more information, see Create a general quota alert.
Server Load Balancer console
Log on to the Quota Management page in the Server Load Balancer console, and set the Product parameter to Application Load Balancer (ALB).
Set the Quota Type to General Quota. Find the target quota item and click Create Alert in the Actions column.
On the Create Alert Rule page, configure the parameters for the quota alert, and then click Confirm. For more information, see Create a general quota alert.
Create a quota template
Make sure that
You are logged on with a management account.
You have enabled a resource directory and enabled quota templates.
Quota Center
Log on to the Quota Center console. In the navigation pane on the left, click Product List. Select General Quotas or Privilege Quotas as the quota type. In the Networking section, click Application Load Balancer ALB.
Find the target quota. In the Actions column, click Add to Quota Template.
In the Add to Quota Template dialog box, configure the settings. Then click OK.
Server Load Balancer console
Log on to the quota management page in the Server Load Balancer console. Set the Product parameter to Application Load Balancer ALB.
Select General Quotas or Privilege Quotas as the quota type. Find the target quota. In the Actions column, click Add to Quota Template.
In the Add to Quota Template dialog box, configure the settings. Then click OK.